Hell, I don’t submit help requests without a confident understanding of what’s wrong.

Hi Amazon. My cart, ID xyz123, failed to check out. Your browser javascript seems to be throwing an error on line 173 of “null is not an object”. I think this is because the variable is overwritten in line 124, but only when the number of items AND the total cart price are prime.

Generally, by the time I have my full support request, I have either solved my problem or solved theirs.

I agree that this is a problem.

“Responsible disclosure” is a thing where an organization is given time to fix their code and deploy before the vulnerability is made public. Failing to fix the issue in a reasonable time, especially a timeline that your org has publicly agreed to, will cause reputational harm and is thus an incentive to write good code that is free of vulns and to remediate ones when they are identified.

This breaks down when the “organization” in question is just a few people with some free time who made something so fundamentally awesome that the world depends on it and have never been compensated for their incredible contributions to everyone.

“Responsible disclosure” in this case needs a bit of a redesign when the org is volunteer work instead of a company making profit. There’s no real reputational harm to ffmpeg, since users don’t necessarily know they use it, but the broader community recognizes the risk, and the maintainers feel obligated to fix issues. Additionally, a publicly disclosed vulnerability puts tons of innocent users at risk.

I don’t dislike AI-based code analysis. It can theoretically prevent zero-days when someone malicious else finds an issue first, but running AI tools against that xkcd-tiny-block and expecting that the maintainers have the ability to fit into a billion-dollar-company’s timeline is unreasonable. Google et al. should keep risks or vulnerabilities private when disclosing them to FOSS maintainers instead of holding them to the same standard as a corporation by posting issues to a git repo.

A RCE or similar critical issue in ffmpeg would be a real issue with widespread impact, given how broadly it is used. That suggests that it should be broadly supported. The social contract with LGPL, GPL, and FOSS in general is that code is released ‘as is, with no warranty’. Want to fix a problem, go for it! Only calling out problem just makes you a dick: Google, Amazon, Microsoft, 100’s of others.

As many have already stated: If a grossly profitable business depends on a “tiny” piece of code they aren’t paying for, they have two options: pay for the code (fund maintenance) or make their own. I’d also support a few headlines like “New Google Chrome vulnerability will let hackers steal you children and house!” or “watching this youtube video will set your computer on fire!”

Not just the primaries! My city is pretty purple. We tend to vote republican by a slim majority in larger races (think 51/49), but in the mayor and city council race that just happened, the republican mayor won at like 66/33. Vote every chance or you cede your power to the people who do.

The fix is to start local. Bob’s right: that school PTO experience will be on the candidate’s bio when they run for mayor, even if they are the karen-est karen, and it will sway a few people. That ® mayor has power over a huge amount of how the city is run and many of the things people are locally unhappy with are a direct result of them electing a rich asshole. If we elect Dems locally, we might be able to sway people to our side when the situation gets better under our leadership.

We individuals have the power but it’s got a bit of a lag-time to it. Become informed about how the DNC structure works (best done by joining your local precinct, even if you do nothing more than joining a few meetings). The precincts vote for who runs the county, the counties vote for who runs the state, the states vote for the nation and it’s all based on head-count of participants: a large precinct by population might only have a relative few people engaged and will not have as large an impact when voting in upstream elections. If we’re mad at DNC leadership or the options we have for congress/president, the fix is to ensure people at the precinct-level are the right ones.

This comment is a direct response to anyone saying “both sides”, “dem’s are still corporate shills”, or similar defeatist comments. The “spineless dems” currently have power at the top of the party, but we can fix that. It will take work. It will require time, and that time will be hard to justify with little immediate result. This is the battle we need to fight right now, though. It just needs to be constant and not only complaining online and voting every 2-4 years.

While I believe that this is accurate, as a broad stroke and specifically of the DNC itself, any individual democratic politician is not necessarily corrupt and playing a foil. Especially as you get more and more local.

Don’t let cynicism prevent you from voting for a local candidate for mayor or city council, for example. It’ll take time to see if Mamdani is what he claims to be, but it’s not unreasonable for someone who is mad at the current situation to run for office with a real intent to improve things.

The way we fix things is by getting the local orgs to throw their weight around. Those precinct orgs get votes in the district and district vote in state and state vote nationally. If you’re mad right now or were mad in 2020, then get involved. Find your local democratic organization and become the change. Under our Representative Democracy, we don’t always directly elect our leadership, but we do get to elect the people that elect the people that elect the people… Gotta start at the bottom and ensure that first step has our values in mind. Right now, too many people only get involved every 2-4 years and are mad at the results.

“President” and “Senator” are important titles, but so is “County Chair”. Doing this and pushing the Democratic party further left will be more effective than sending a protest vote for a third party every 4 years, but you can do both.

I’m happy you provided a few examples. This is good for anyone else reading along.

Equifax in 2017: Penalty was, let’s assume the worst case, 700$M. The company in 2017 made 3.3$B, and I’d assume that was after the penalty, but even if it wasn’t, that was a penalty of 27% of revenue. That actually seems like it would hurt.

TSB in 2022: Fined ~48.6£M by two separate agencies. TSB made 183.5£M in revenue in 2022, still unclear if that was pre- or post- penalty, but this probably actually hurt.

Uber in 2018: your link suggests Uber avoided any legal discovery that might have exposed their wrongdoing. There are no numbers in the linked article and a search suggest the numbers are not public. Fuck that. A woman was killed by an AI driven car and the family deserves respect and privacy, but uber DOES NOT. Because it’s not a public record, I can’t tell how much they paid out for the death of the victim, and since uber is one of those modern venture-capital-loss-leader companies, this is hard to respond to.

I’m out of time – and won’t likely be able to finish before the weekend, so trying to wrap up – and Boeing seems complicated and I’m more familiar with Crowdstrike and I know they fucked up. In both cases, I’m not sure how much of a penalty they paid out relative to income.

I’ll cede the point: There are some companies who have paid a price for making mistakes. When you’re talking companies, though, the only metric is money-paid/money-earned. I would really like there to be criminal penalties for leadership who chase profit over safety, so there’s a bit of ‘wishful thinking’ in my worldview. If you kill someone as a human being (or 300 persons, Boeing), you end up with years in prison, but company just pays 25% of it’s profit that year instead.

I still think Cassandra is right, and that more often than not, software companies are not held responsible for their mistakes. And I think your other premise, that ‘if software is better at something’ carries a lot: Software is good at explicit computation, such as math, but is historically incapable of empathy (a significant part of the original topic… I don’t want to be a number in a cost/benefit calculation). I don’t want software replacing a human in the loop.

Back to my example of a flock camera telling the police that a stolen car was identified… the software was just wrong. The police department didn’t admit any wrongdoing and maaaaybe at some point the victim will be compensated for their suffering, but I expect flock will not be on the hook for that. It will be the police department, which is funded by taxpayers.

Reading your comments outside this thread, I think we would agree on a great many things and have interesting conversations. I didn’t intend to come across as snide, condescending or arrogant. You made the initial point, cassandra challenged you and I agreed with them, so I joined where they seemed not to.

The “bizarre emotion reaction” is probably that I despise AI and want it nowhere near any decision-making capability. I think that as we embed “AI” in software, we will find that real people are put at more risk and that software companies will be able to deflect blame when things go wrong.

The burden of proof is on you. Show me one example of a company being held liable (really liable, not a settlement/fine for a fraction of the money they made) for a software mistake that hurt people.

The reality is that a company can make X dollars with software that makes mistakes, and then pay X/100 dollars when that hurts people and goes to court. That’s not a punishment, that’s a cost of business. And the company pays that fine and the humans who mode those decisions are shielded from further repercussions.

When you said:

the idea that the software vendor could not be held liable is farcical

We need YOU to back that up. The rest of us have seen it never be accurate.

And it gets worse when the software vendor is a step removed: See flock cameras making big mistakes. Software decided that this car was stolen, but it was wrong. The police intimidated an innocent civilian because the software was wrong. Not only were the police not held accountable, Flock was never even in the picture.

We can learn a few things from the French. They seem to have good ideas about how to protest for sure.

A question: How do you think you get to the point where the quiet majority feels confident enough to show up in force? To ‘disrupt the system’?

We Americans, by our own devices, have become a very insular people. We have social media, which puts us all in our little bubbles and cellphones, which distract us from the actual people around us. We sit in despair about rising prices and the tragedies inflicted on ourselves or our neighbors, our world. We watch our rights get eroded.

These protests are a symbol that we are not alone. That there are others out there that are also mad. These protests burst the bubble that technology has trapped us in. Read through the comments with this in mind: How many people were surprised at the turnout being larger than expected. And for each of those, there’s a comment indicating it could be larger. As we come to terms with how many allies we have, we gain collective power. Sure, we have it now, but we’re not willing to wield it yet. Building the confidence that you will be one among many is the key to wielding that power. Ten people protesting will be intimidated by the local police. Ten thousand will intimidate the police instead. Ten million will intimidate the government.

I write actual responses to throwaway comments all the time. I don’t do this for Auli or Fresh, I do this for those that might agree with you on the surface. This protest was not intended to make immediate change. It was intended to build pressure, to unite the people and to show support for the cause. When we show up and make a scene, we provide a shield for those who are not as willing to be in front to join in. When they join in, we grow and are able to pull in even more. Every thumbs-up from a car is someone who is on our side, but due to life commitments or fear did not attend… this time.

Edit: Followup: If you want faster change… do it. What’s your idea? Build a movement and implement or shut the fuck up. You might find that it’s hard to find other people willing to risk their safety and arrest to block a street, or to risk losing their job to strike with only a few people involved. When we have the numbers to make the system fear what we could do, we will win, even if we never have to do it.

I’m going to expand on TrickDacy’s comment:

Every both sideser is either extraordinarily lazy or a closeted right winger

and instead state: It is OKAY to be mad at democratic politicians. Especially the spineless ones we have an abundance of right now. And there is certainly some rage we can all aim at the DNC as an organization, which appears to be trying to hamstring any actually progressive candidates.

But there really isn’t a competition in the race for ‘who is most evil’ between D and R. One side is at least appearing to fight for worker rights, healthcare, equality, peace and other progressive/liberal goals. The other side is actively dismantling the government… like actively and they told us they were going to. There’s no both sides here.

So, by ‘closeted right winger’, what I think Trick means is that anyone boldly claiming ‘both sides’ falls into one of a few categories:

• lazy: Doesn’t “do politics” and gets their news from tiktok, fox, cnn, their buddy at work, and doesn’t put in the critical thinking to make their own decisions. “Both Sides” lets them get away with not caring enough and just moving on with life.
• gullible: Believes they are thinking critically, but are swayed by media, social or conventional, into thinking that all politicians are shit, and if one is corrupt then they all are.
• malicious: Knows they are being disingenuous, but knows the other categories exist. If they claim ‘both sides’ are doing something, then when one side actually gets caught doing it, the public just kinda shrugs it off. This also depresses voter turnout in general, because of the lazy group.

So. What is your purpose in your post. Are you lazy, and just know that democrats also suck, but want to sound smart on the internet? Are you gullible, and really think that democrats would be just as bad if they had power? Or are you malicious, and trying to make the people that would otherwise “do politics” give up and become lazy?

If you are not trying to make people give up, STOP. There is no both sides. There is the fascist, authoritarian, oligarchic, billionaire side, and then there are the people. If you want to make a real difference and move the needle, then the time is now, but it’s not in a forum post saying ‘both sides are bad.’ It’s going to be in your local democratic organization, trying to find candidates to run for local or regional offices and then supporting them. The people THERE are definitely on our side, since they are just us. And if we can build strong networks THERE, then we can push people into the national stage who will also fight for us.

The democrats who act like republicans need a strong local network to primary them. Be the change you want to see.

Which CEO downvoted this?

Upvoting, but also commenting to say that employees are at a disadvantage in almost all cases: a company can almost certainly absorb your loss but most people cannot absorb the loss of their income.

Asking for a raise could get you fired (sorry, “let go”), especially if you’re in a position where there’s an eager new applicant just waiting for a position to open up, such as any service-industry job.

Even niche skilled jobs are not immune. If your cost approaches the value your employer extracts from your labor, then you will be left jobless and you may find it hard to find a comparable position if your skill-set is tightly focused. If you’re the one COBOL programmer at your company, you are underpaid; the moment you demand your actual worth, they will figure out how to pivot that old code-base to something more modern, even if it costs millions of dollars to license and switch to a new ERP platform or similar bullshit.

I’ve turned this WFH rant into a worker protection rant, so back on topic: Wouldn’t it be nice to just … not have to drive to a place to put your butt in a seat when your butt could be at a seat at home and do the exact same thing? I get that some jobs don’t work that way, but many (probably most) do.

In 2020, we witnessed most jobs at company headquarters around the world being done at home and nothing exploded. Almost everything done from a cubicle can be done from home. Wouldn’t it be nice to knock down those buildings and make them green spaces instead?

“Blue no matter who” is a response to the republicans who just fall in line and vote for any ®. This is a way to suggest that anyone running as a democrat is better than someone running as a republican. Sure, a “DINO” or closet fascist is not a great option, but an out fascist is likely worse.

‘Blue no matter who’ is also an easy way to guide less-informed voters: fill in the circle, check the box, etc, next to the (D).

The real work, though, needs to happen earlier. This is where we address fraudsters. Be involved in primaries and kick these assholes out of office if they don’t live up. Find candidates who will actually work for us and get them on the ballot – and then the ‘blue no matter who’ will get them votes from the people who are not paying as much attention.

Diminishing the impact of the phrase only hurts our cause. If you see democratic politicians who are not living up, then find people to replace them.

I really like the description of AI coding as ‘custom stack overflow generator’ because it really sells the flaws as well, to an experienced dev. We go to stack overflow for help with some weird quirk of a language or find an obscure library that solves our specific need.

I think vibe coding is cobbling together a project from a bunch of stack overflow posts – and they only use the question part of the post.

Yeah. The real problem with power is that the people best suited to wield it don’t seek it out.

Running for president should automatically disqualify you…

I get the thrust of the song, but I have a question for you and/or anyone else who has insight:

I make small aggressions, like OP, where I assume I’m costing a corpo and giving to an artist through it, even if minuscule.

Examples:

Similar to OP, I have a streaming service ‘downloaded’ playlist of songs I like. I tend to leave my PC playing them in shuffle/repeat during my workday. I might have my volume on or off depending on my level of focus, but I can’t see how that “engagement” doesn’t benefit the artist without costing me anything – maybe a smidge more electricity.

Since I saw The Spiffing Brit’s runtime video, I no longer close a youtube tab if I decide I want something else. I mute the tab, set the speed to .25 and ignore it for a while. Costs me electricity, not that much bandwidth, and presumably pays the channel more than usual. Maybe fucks with analytics per-video, but probably not enough to bother the creator, and if it fucks with ‘the algorithm’ and pushes people to channels I already like, then that’s a google problem.

I also have an Epic Games account, where I “buy” every single free game. I assume these have either already paid the developer a fixed fee for supporting development, or are paying based on sales volume. Either way, they presumably paid money to be able to offer these as a loss-leader. Most are games I would not have bought anyway, so I’m not costing the developer a potential sale and I will never buy anything through Epic games, so it should be just a loss. I actually want insight on this one, in case there are devs/publishers here. If this costs you when I buy your free game, there might be others like me who just need to know we’re not helping.

Aside from the fact that my engagement with these platforms could be used as leverage (’ we have X million active users…'), I can’t see any negative to my attacks on them. It’s possible the artists can’t perceive it, but if the corpos love it, they wouldn’t make me pass a CAPTCHA to buy a game.

The question, then, is: Am I hurting the artists, or helping them?

I’m no longer at my computer where typing is easy. I thank all of you for responding in good faith, and I’ll be reading the various links. Thanks for engaging with me.

I’m now mobile, so my formatting will suffer.

Capitalism = bad. I’m fully behind that, and see it as the root of the problem. What I don’t see is a path forward that doesn’t involve incremental progress, even if not all demographics are served. At least not without violence that will be disrupt even more.

I think this is where we disagree, but I might still be missing something.

You (assorted folks responding to me) want an epoch change where we rise up and take back the power we have. We have it right now, but the price to pay to enforce that is too high for me.

I want a progression where we work towards owning that power. We had it partially when unions were still strong, but it was undermined. In my mind, the solution is education, but I have no power to enact that directly. My ability to influence is limited to my local org and voting.

A green party, socialist party, etc, will never win an election in our current environment. Votes there are literally useless, if not spoiling a candidate that has at least some if your views. The system is rigged, sure, but you can’t flip this table and walk away.

Can we separate this discussion into talking about politics and elections and eliminate Israel/Palestine? I’m a-religious, pro Palestine, pro humanitarian, but having that angle seems to quickly degenerate every conversation into ‘both sides are genocide’ and avoid the’how do we move forward’ question. I think these can be separated, but maybe that is also a place we disagree.

I feel we’re playing different games, or using different terms.

Help me understand.

Firstly. Let’s define words: I’m assuming/using my view of a US-centric Liberal vs Conservative.

Liberal: Democratic party, wants to make life better for the larger segment of the population.

Conservative: Republican party, wants to consolidate power and wealth in the hands of a few.

That’s my personal and biased broad-strokes view of the political landscape.

Conservatives have managed to gather enough popular support that people will vote against their best interest for either perceived economic gain or for ‘hurt the other people more.’

Stepping back even further, what is your end-goal? How do you respect the desires of millions of people without some sort of representation, and if you have such, how do you ensure that the representative aligns with the goals of their constituents?

Sadly, I’m offline for the day, but I’d be happy to continue this conversation.

In this post: not realizing that the ideal solution is not a single step away, but rather multiple steps – and they will not be simple to sell to a general populace.

I’ll admit I’m not familiar with the term. ‘Electorialism’ seems to be, according to Wikipedia, a ‘half-way step’ between Authoritarianism and Democracy.

As far as I know, we are still not quite in an Authoritarian state here in the US. We are more likely to be headed in the opposite way from Electorialism; where we are transitioning from what is a democratic process to one where oligarchs have consolidated enough power and influence that they can just say, ‘fuck it, we win.’ In that case, yes, I do want to make a case against Electorialism.

In Electorialism, the dominant party, presumably the authoritarian one, conducts elections that allow their opponents a stage and promises to be free and fair while still controlling the levers of power. What we have seen in the last 8 years is a party, republicans, that are throwing every possible strategy at the wall in the effort to undermine and discredit elections with the end result that if they win, the election will be seen as fair and, if they lose, the election will be seen as unfair.

All concepts of what are optimal democratic processes are going to be just that: concepts. We live in the real world. There are millions of people you have to convince to move to your desired method of representation. I think we agree on the end-goal, I just disagree on how to get there and think we can’t jump from a Trump presidency directly to a worker-owned utopia.

Help me out. What’s our next step?

Mine is to help elect people to local, state and federal offices that want to make life for everyone better.

My comment was removed by the mods… probably because I let my rage show. Though the mod log shows rule 2 instead of rule 1 :P

Here’s a longer and nicer version:

I’m a (US) liberal, and I don’t approve of any of the views described by kittenzrulz123. Lumping half the country into a single bucket is not going to give you a good overview of the myriad ideals we might have individually.

You have a choice. You can look at the political landscape at the moment of the election and choose one of four options:

1. vote for the guy who will absolutely fuck over everyone he can for his own profit. We knew what he was back in 2016 and he isn’t going to change.
2. vote for the lady who has a chance to win, is probably still crappy for some demographics, but is miles better than #1 and not likely to declare war on a random country because she’s hungry.
3. vote for someone who has a 0% chance of winning, effectively throwing the vote to the rest of the population.
4. abstain, also throwing the vote to the rest of the population.

At this time, our election system really only works for two parties. Any third-party vote is useless, if not counterproductive. If you can’t understand how that math works, let me know and I’ll break it down for you. I’d love to change that, but the process is by using our ability during primaries to put forward more liberal candidates that support election reforms, not by putting our heads in the sand and voting 3rd party hoping that we will make people notice… hint: they will not.

If you don’t like your choices when you go to the voting booth in November, the solution is to get involved in late November and make things better next time. Join a local democratic organization and become part of the solution. Complaining online about how your choices suck is something we can fix if we all jump in. If you’re not doing that, then you are abdicating your responsibility and allowing others to make the choice of who represents us instead. If you choose not to be part of the selection process, the very least you can do is vote for the ‘lesser evil’ and not make things worse.

Side note: the Primary election is the end of that selection process, not the start. Putting your values on the primary ballot is where you should spend your energy if you’re mad at the status quo.

I will admit that I’m angry that we didn’t get a Democratic primary and that Harris was ordained as Biden’s successor without any popular input. The DNC is to blame for that fuck-up. It’s irrefutable, though, that Harris would have been better for Palestine, the US economy, US healthcare, foreign relations, and dozens of other topics than trump is.

Would Claudia de la Cruz have been better? Sure. Her platform looks awesome. Did she have even a chance of winning? no.

Removed by mod